2022 Pwnie Award Winners

Best Cryptographic Attack

Hertzbleed: Turning Power Side-Channel Attacks Into Remote Timing Attacks on x86

Best Desktop Bug

Architecturally Leaking Data from the Microarchitecture

Best Mobile Bug

FORCEDENTRY

Best Privilege Escalation Bug

Mystique in the House: The Droid Vulnerability Chain That Owns All Your Userspace

Best Remote Code Execution Bug

Windows RPC Runtime Remote Code Execution (CVE-2022-26809)

Best Song

Dialed Up

Epic Achievement

Yuki Chen’s Windows Server-Side RCE Bugs

Lamest Vendor Response

Google’s top security teams unilaterally shut down a counterterrorism operation

Most Epic Fail

HackerOne Employee Caught Stealing Vulnerability Reports for Personal Gains

Most Innovative Research

Custom Processing Unit: Tracing and Patching Intel Atom Microcode

Most Under-Hyped Research

Spoofing IP with IPIP